CVE-2023-6343
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2023-6343 is a vulnerability affecting Tyler Technologies Court Case Management Plus. This issue allows unauthenticated attackers to access sensitive files through the use of deprecated Aquaforest TIFF Server, likely version 2.x. The vulnerability arises from the misconfiguration of the 'tiffserver/tssp.aspx' endpoint, specifically the 'FN' and 'PN' parameters. The vulnerability is related to CVE-2023-6352, which deals with insecure configuration issues in Aquaforest TIFF Server. The vulnerable feature was removed on or around November 1, 2023. This vulnerability shares similarities with CVE-2020-9323.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions